On 16.06.2013 06:01, "Paweł Hajdan, Jr." wrote: > On 6/9/13 7:22 AM, Alex Legler wrote: >> I'd appreciate some input on below plan to move project pages to the Wiki: > > Alex, thanks for working on this! Some feedback: > > 1. How will the project pages be protected against "unwanted" edits? I > think it's valuable to have some official pages where you know only > Gentoo devs can edit them.
The Project: namespace is restricted to only allow users in the developer group to edit. > > 2. How will the staffing needs page be updated after dropping gorg? You create a subpage for each staffing need, filling in information using a form. Semantic magic aggregates these, and you'll get a template to include for your project page to list the ones for your project specifically. > > 3. How secure is the wiki? Do we have regular backups and security > updates procedures in place? I know you're member of the security team > and infra team is doing its job well, but I just wanted to check. > Dynamic web applications arguably have bigger attack surface than > effectively a bunch of static files only editable after you gain server > access. It's part of the usual infra backup, and I follow upstream release announcements and update accordingly. > > Paweł > > -- Alex Legler <a...@gentoo.org> Gentoo Security/Ruby/Infrastructure
signature.asc
Description: OpenPGP digital signature
